cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1309
Views
15
Helpful
6
Replies

ASDM will not work

rick03yrowe
Level 1
Level 1

Hey Folks,

I am trying to get this new firewall up and I think I have everything configured for ASDM to run but, when I try to open the page to download the launcher I get nothing.  Below are the relevant configs...

interface Management0/0
nameif management
security-level 100
ip address 10.32.85.25 255.255.255.0
management-only

FW# sho run asdm

asdm image disk0:/asdm-66114.bin

no asdm history enable

FW# dir

Directory of disk0:/

2      drwx  4096         16:47:32 Jan 22 2013  log
5      drwx  4096         16:47:48 Jan 22 2013  crypto_archive
92     -rwx  0            16:47:50 Jan 22 2013  nat_ident_migrate
13     drwx  4096         16:47:50 Jan 22 2013  coredumpinfo
102    -rwx  34523136     16:51:42 Jan 22 2013  asa861-2-smp-k8.bin
103    -rwx  17851400     16:56:30 Jan 22 2013  asdm-66114.bin
104    -rwx  12998641     17:00:44 Jan 22 2013  csd_3.5.2008-k9.pkg
105    drwx  4096         17:00:46 Jan 22 2013  sdesktop
106    -rwx  6487517      17:00:46 Jan 22 2013  anyconnect-macosx-i386-2.5.2014-k9.pkg
107    -rwx  6689498      17:00:46 Jan 22 2013  anyconnect-linux-2.5.2014-k9.pkg
108    -rwx  4678691      17:00:46 Jan 22 2013  anyconnect-win-2.5.2014-k9.pkg

http server enable


http 10.0.0.0 255.0.0.0 management
http 10.32.170.106 255.255.255.255 management

Gateway of last resort is 10.32.85.1 to network 0.0.0.0

C    10.32.85.0 255.255.255.0 is directly connected, management
C    10.35.181.0 255.255.255.240 is directly connected, inside
C    X.X.X.0 255.255.255.240 is directly connected, outside
S*   0.0.0.0 0.0.0.0 [1/0] via 10.32.85.1, management

My host address is 10.32.170.106,.what am I missing?????

1 Accepted Solution

Accepted Solutions

Andrew Phirsov
Level 7
Level 7

Maybe as usual, add this to your config:

ssl encryption aes128-sha1 3des-sha1

View solution in original post

6 Replies 6

Andrew Phirsov
Level 7
Level 7

Maybe as usual, add this to your config:

ssl encryption aes128-sha1 3des-sha1

Hi

give the command.

hostname(config)# crypto key generate rsa modulus 1024

Hope so you would be able to access using ASDM

Rudy Sanjoko
Level 4
Level 4

is your new firewall is an asa-x series? can you ping the asa management ip address from  the host?

The management interface is designed for management not to be a routed interface  this should be your inside address. Also the management interface has its own physical port, if the management port is not physical connected to your network at the moment you could instead try :

A) if you can ping your inside interface from your host

B) if yes then add http 10.0.0.0 255.0.0.0 inside and see if you cant access the ADSM now

Next I noticed your routing table, typicall your default route is the unknown world e.g outside interface,

where as you have static routes or other means of publishing your inside network.

Gateway of last resort is 10.32.85.1 to network 0.0.0.0

C 10.32.85.0 255.255.255.0 is directly connected, management
C 10.35.181.0 255.255.255.240 is directly connected, inside
C X.X.X.0 255.255.255.240 is directly connected, outside
S* 0.0.0.0 0.0.0.0 [1/0] via 10.32.85.1, management

Beside that you have the min. required config in place for it to work.

asdm image disk0:/asdm-66114.bin

http server enable

http 10.0.0.0 255.0.0.0 management (alternative http 10.0.0.0 255.0.0.0 inside)

+ the image loaded

did you create a user with pril level 15? also define a subnet that can access the ASA via ASDM?

http 192.168.1.0 255.255.255.0 management

Rommel Papa
Level 1
Level 1

Hi,

Just use JAVA 6, this will solve your problem..

Thanks

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: